Learning Sliver C2 (04) - Transports in Detail: HTTP and HTTPS

18 minute read Published:

A post about the HTTP(S) Sliver C2 protocol. I'll show how to use beacons compiled with HTTP C2 endpoints, with a focus on illustrating the traffic these beacons generate. There is also some info on how to modify the traffic such that it looks less like the default. Before diving into the subject matter, there are also instructions for adding a web proxy to the lab setup that is built up iteratively in this series of blog posts.
Sliver C2 This post is part of a tutorial blog post series on Sliver C2 (v1.5.16). For an overview: click here. Introduction This is the second post in a series about Sliver’s C2 protocols. The last one (03 - Transports in Detail: mTLS and WireGuard) was an exploration of the two most recommended and easy-to-use protocols mTLS and WireGuard. However, not all environments allow establishing such connections to your C2 infrastructure.